Cyberscam Alert: Increase in phishing emails requesting financial information
The Office of Information Security (OIS) warns about an increase in a phishing attacks targeting faculty, staff and students.
About the scam(s)
The campus has received an increase of phishing emails requesting financial information such as bank account information, online payment services, and/or gift card purchases. The scam falsely claims to be from a higher ranking faculty, staff member, or trusted organization requesting you make an unusual purchase (like a gift card), to send financial information, or click a link. See a PDF example of this type of phishing scam. The emails do not originate from a TU email address and have the External Email tag applied.
Recognizing the scam
Look for a combination of these things:
- [EXTERNAL EMAIL – USE CAUTION] – The external tag is present at the top of all incoming emails coming from external sources, so you review and evaluate them to ensure the emails aren’t fake or malicious. Note: not all emails with this tag are malicious; it’s meant to raise your awareness.
- An unknown sender email address – Confirm if you recognize the email address, not the sender’s name.
- Generic open-ended questions in the subject or body. Examples include: ‘Are you available’, ‘do you have a minute’, or asking for your mobile phone number.
- Requests to move the conversation to a text.
- An unusual or strange purchase request.
What to do if you’ve received this type of scam
If you receive this or a similar suspicious email-including requests for financial files or information-in your TU account:
- Confirm the sender. Look up their info and contact them directly.
- Report the phish byusing the ‘Report Phish’ button in Outlook on a computer, or by forwarding the email to phishing@towson.edu
- Do not reply through email or complete the request.
- Question the request. Ask yourself if the request is normal.
Categorised in: General
This post was written by Weldon, Jennifer